Data Transmission Security Improvements

ABSTRACT

This disclosure provides for a method of securely transmitting communication information from a first terminal operating in a first coordinate measurement domain to a second remotely-located terminal operating in a second coordinate measurement domain. The method includes combining the communication information with extraneous information to create a data signal, determining a value of an identification variable expressed with respect to the first coordinate measurement domain, where the identification variable value enables the location of the communication information concealed within the data signal to be determined, using a coordinate transform function to calculate a value of the received identification variable expressed with respect to the second coordinate measurement domain, and extracting the information from the received data signal using the calculated identification variable value to distinguish the communication information from the extraneous information.

TECHNICAL FIELD

The present invention relates to the field of secure data transmissionand in particular to an improved steganographic method of securelytransmitting data between remotely located parties.

BACKGROUND OF THE INVENTION

The ability to securely transfer data between remotely located terminalsis a necessary requirement for many present day applications, inparticular where the data being transferred is confidential, such as inelectronic transactions of financial and/or other confidential databetween remotely located terminals.

Cryptography is one known way of securely transmitting information.Conventionally, a signal comprising the confidential information isencrypted at a sending device using an encryption key, which encryptsthe information in accordance with a selected algorithm. The encryptedsignal comprising the encrypted information is subsequently transmittedto a receiving device. To recover the encrypted information a decryptionkey is used at the receiving device.

The security of known cryptographic protocols often resides in thecomputational complexity required to derive the decryption key. Inpractice, the computational complexity required to crack a cryptographicprotocol often means that several hours, if not days are required tocrack the protocol! However, the increasing complexity of the appliedencryption algorithms has the converse undesired effect of increasingthe computational power required at the receiving end, to carry outdecryption. Increasingly sophisticated specialised hardware is requiredto provide such robust levels of security.

In real world cryptographic applications, often the level of security issacrificed, in favour of minimising implementation costs. In suchapplications, the cost saving of using lower level security protocols isperceived as justifying the decrease in afforded security. This isparticularly true in relatively low-cost transmission systems, such asnetworked lottery ticket issuing terminals, where the value of thelottery ticket itself and the associated hardware do not justifyinvesting in state of the art cryptographic systems. As a result, oftensuch systems are relatively insecure.

A further shortcoming associated with known cryptographic systems, isthat the presence of encrypted data itself, may be sufficient to alertand attract the unwanted attention of a malevolent third party. Afterall, only sensitive and confidential information tends to be encrypted.Thus, in effect whilst cryptography can be very successful inmaintaining the confidentiality of sensitive information in transit, itcan also alert a malevolent third party to the existence of such data inthe first instance.

Steganography provides a known way of overcoming the afore describedshortcoming associated with known cryptographic protocols. Effectively,steganography is the art and science of writing hidden messages in sucha way that no one, apart from the sender and intended recipient,suspects the existence of the message, a form of security throughobscurity. Often this is achieved by hiding a confidential messagewithin a “carrier” message. The carrier message effectively disguisesthe confidential message. In this way, the steganographic message doesnot attract the unwanted interest of malevolent third parties.

In practice, steganographic messages are commonly comprised of a carrierfile, within which the confidential information is disguised. Forexample, often text files, such as PDF files are used as the carrier,and the confidential information is disguised within the text of thefile in accordance with an algorithm. The more complex the algorithm thegreater the provided security. However, this improved security requiresincreased processing capabilities at both the sender and the receiver,which inevitably increases the costs of the required hardware.

It is clear that there is a need for improved secure transmissionmethods for use in low-cost applications, and it is an object of thepresent invention to provide an improved, secure transmission system andmethod which is simple to implement, at relatively low cost, and doesnot suffer the shortcomings of the prior art systems.

SUMMARY OF THE INVENTION

A first aspect of the present invention relates to a method of securelytransmitting communication information from a first terminal operatingin a first coordinate measurement domain to a second remotely-locatedterminal operating in a second coordinate measurement domain. The methodcomprises combining the communication information with extraneousinformation to create a data signal, and determining a value of anidentification variable expressed with respect to the first coordinatemeasurement domain. The identification variable value enables thelocation of the communication information concealed within the datasignal to be determined. The data signal and the identification variablevalue are transmitted from the first terminal to the second terminal. Acoordinate transform function configured to map coordinate values fromthe first coordinate measurement domain to the second coordinatemeasurement domain is used to calculate a value of the receivedidentification variable expressed with respect to the second coordinatemeasurement domain. The information is extracted from the received datasignal using the calculated identification variable value to distinguishthe communication information from the extraneous information.

An advantage of the present invention is that it provides a convenient,effective and relatively simple method of concealing communicationinformation within extraneous information and securely transferring thecombined information within a data signal. Implementation of the presentmethod does not require special hardware and may be carried out usingcommonly available components at relatively low cost. This contrastswith other known secure transmission methods where special apparatus isoften required. Furthermore, the concealed communication may berecovered at the receiving terminal relatively quickly once theidentification variable value has been expressed with respect to thereceiving terminal's coordinate measurement domain. Accordingly, thepresent method is particularly suitable for use in applications wherelarge volumes of information need to transmitted securely, andinformation recovery times minimised.

The present method is particularly effective in protecting againstintercept-resend type attacks (e.g. eavesdropping). An eavesdroppercannot accurately extract the communication information from the datasignal without knowing the coordinate measurement domain with respect towhich the identification variable value is expressed. Provided that thisinformation is maintained confidential, an eavesdropper cannotaccurately distinguish between extraneous information and communicationinformation (i.e. the information that the sending terminal wishes tosecurely transmit to the receiving terminal).

In alternative embodiments, the first terminal may be provided with thecoordinate transform function and is arranged to carry out the usingstep prior to the transmitting step. This reduces the processingrequirements of the receiving terminal (the second terminal) evenfurther, since the act of calculating the identification variable valueexpressed with respect to the second coordinate measurement domain iscarried out by the first terminal. Accordingly, on receipt of the datasignal, the second terminal simply uses the re-expressed identificationvariable value to recover the communication information. The processingrequirements of the receiving terminal are thus advantageously furtherminimised.

Alternatively, the communication information is transmitted to a secondreceiving terminal operating in a second coordinate measurement domainand to a third receiving terminal operating in a third coordinatemeasurement domain. The using step comprises calculating a value of theidentification variable expressed with respect to the second coordinatemeasurement domain, and with respect to the third coordinate measurementdomain.

In such embodiments the identification variable may comprise a receivingterminal identifier, the identifier being indicative of the receivingterminal coordinate measurement domain the identification variable valueis expressed with respect to. At each receiving terminal, the extractingstep may comprise identifying the identification variable valueexpressed with respect to the receiving terminal's coordinatemeasurement domain on the basis of the terminal identifier. Subsequentlyusing the identification variable value to extract the communicationinformation from the received data signal.

The identifier provides each receiving terminal with a simple means forreadily identifying the identification variable value that is expressedwith respect to its adopted coordinate measurement domain.

Additionally, the data signal may comprise first and secondcommunication information, and the extracting step further comprises:extracting the first communication information at the second receivingterminal using a first identification variable value calculated in theusing step, the first identification variable value having beenidentified on the basis of a first identifier; and extracting the secondcommunication information at the third receiving terminal using a secondidentification variable value calculated in the using step, the secondidentification variable value having been identified on the basis of asecond identifier.

An advantage of such embodiments, is that different communicationinformation may be securely transmitted to different receiving terminalsvia a single data signal, which is received by each one of the differentreceiving terminals. Each terminal is only able to extract thecommunication information whose location is determinable from thereceived identification variable value expressed with respect to thecoordinate measurement domain of the subject terminal. This ensures thatonly the receiving terminal's intended recipient is able to extract thecommunication information, and avoids the need for creating a separatedata signal for each intended recipient terminal.

Effectively, the method of the present invention may be used to securelytransmit communication information to a plurality of different receivingterminals using a single data signal.

In alternative embodiments the transmitting step comprises transmittingthe identification variable value from the first terminal to the secondterminal via a third terminal.

For example, the third terminal may be provided with the coordinatetransform function, and the method further comprises: encrypting, at thefirst terminal, the identification variable value using a firstcryptographic key shared with the third terminal, and transmitting theencrypted identification variable to the third terminal; decrypting, atthe third terminal, the received encrypted identification variable priorto carrying out the using step; and encrypting the identificationvariable value expressed with respect to the second coordinatemeasurement domain, using a second cryptographic key shared with thesecond terminal, and transmitting the encrypted identification variableto the second terminal for carrying out the extracting step.

An advantage of such embodiments is that neither the first or secondterminal are required to carry out any identification variable valuecalculations. Furthermore, neither of the terminals possess thecoordinate transform function. Therefore, even if the integrity of oneof the terminals is compromised by a malevolent third party, themalevolent third party, the transmission protocol itself is notcompromised. In other words, the malevolent third party may be able torecover the confidential information by posing as a genuine receiverusing the compromised terminal, however the confidentiality of thesender's coordinate measurement domain is still maintained, and cancontinue to be used.

A second aspect of the present invention relates to a system arranged tocarry out the above described method, and specifically to a systemarranged for securely transmitting communication information from afirst terminal operating in a first coordinate measurement domain to asecond remotely-located terminal operating in a second coordinatemeasurement domain. The system comprises: combining means, provided atthe first terminal, for combining the communication information withextraneous information to create a data signal; determining meansprovided at the first terminal, for determining a value of anidentification variable expressed with respect to the first coordinatemeasurement domain, the identification variable value enabling thelocation of the communication information concealed within the datasignal to be determined; a transmitter for transmitting the data signaland the identification variable value from the first terminal to thesecond terminal; a mapping means provided at the second terminal, forusing a coordinate transform function configured to map coordinatevalues from the first coordinate measurement domain to the secondcoordinate measurement domain to calculate a value of the receivedidentification variable expressed with respect to the second coordinatemeasurement domain; and extracting means, provided at the secondterminal, for extracting the information from the received data signalusing the calculated identification variable value to distinguish thecommunication information from the extraneous information.

Further features and advantages of the present invention are set out inthe ensuing description and claims.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 is a schematic overview of a system for transmitting a securedata signal from a sender terminal to one or more recipient terminals;

FIG. 2 is a simplified schematic of the transmission system of FIG. 1comprising a sending terminal, a single receiving terminal, and aneavesdropper, and is incorporated herein to illustrate the security ofthe present transmission method from eavesdroppers;

FIG. 3 a is an example of a transmission signal comprising concealedconfidential communication information as prepared by terminal Aillustrated in FIG. 2;

FIG. 3 b is an example of the transmission signal of FIG. 3 a asreceived by terminal B illustrated in FIG. 2, and measured with respectto terminal B's adopted measurement frame;

FIG. 4 is a process flow chart of the steps comprised in the methodcarried out by the apparatus of FIG. 2;

FIG. 5 is a schematic of an alternative transmission system comprising athird secure terminal C; and

FIG. 6 is a process flow chart outlining the method carried out by thesystem of FIG. 5.

DETAILED DESCRIPTION OF THE INVENTION

A more detailed description of specific embodiments of the presentinvention is set out below with reference to the above-describedfigures.

FIG. 1 is a schematic overview of a system 1 for transmitting a securedata signal comprising confidential communication information combinedwith extraneous information—the communication information is effectivelyconcealed within the extraneous information. The data signal istransmitted from a sender to one or more recipient's in accordance withan embodiment of the present invention. The system 1 comprises a senderterminal 3 and one or more receiver terminals 5, 7, 9, 11. The senderterminal 3 (also referred to as terminal A in the ensuing description)may further comprise a signal generator 13, arranged to generate acarrier signal; a signal modulation module 15 for modulating a selectedsignal; and a data store 17. The data store 17 comprises a plurality ofdata 19 associated with communication information and extraneousinformation. The communication information is information that a userlocated at the sender terminal 3 wishes to securely transmit to one ormore of the selected receiver terminals 5, 7, 9, 11. The extraneousinformation provides a means for concealing the communicationinformation, and relates to authentic information. The extraneousinformation may relate to any type of information. For example, in someembodiments the extraneous information may relate to a graphical image,or to a moving image (e.g. a video). Other types of information may alsobe used, the provided example is non-limiting, and such alternativesfall within the scope of the present invention.

The data signal is generated at the sender terminal 3 and comprises theuser selected communication information combined with the extraneousinformation, as mentioned previously. The data signal itself may begenerated by modulating a carrier signal generated by the signalgenerator 13 with the combined information, using the signal modulationmodule 15. It is envisaged that any known modulation method may be used.

The data signal is subsequently sent to one or more user nominatedreceiver terminals 5, 7, 9, 11 via a shared communication channel. Incertain embodiments, the communication channel may relate to acommunication network 21 such as the internet, or alternatively to aprivate communication network.

In addition to sending the data signal to one or more selected receiverterminals 5, 7, 9, 11, the sender terminal 3 also sends data associatedwith an identification variable value, which may be generated by anidentification variable generator module 23 operatively connected to thesender terminal 3, to the one or more user nominated receiver terminals5, 7, 9, 11. The identification variable generator module 23 is arrangedto determine the value of an identification variable associated with thelocation of the communication information concealed within the datasignal. The functionality of the identification variable generatormodule 23 my be provided by processing means local to the senderterminal 3. The identification variable enables a receiver to extractthe concealed user selected data from the data signal. Upon receipt ofthe data signal and the identification variable value, the one or moreuser nominated receiver terminals 5, 7, 9, 11 use the receivedidentification variable value to extract the concealed communicationinformation from the received data signal.

The identification variable value is expressed with respect to aconfidential measurement domain (also interchangeably referred to as ameasurement frame in the ensuing description) unknown to third parties.This requirement may be implemented in several different ways, preferredembodiments of which are described herein. For present purposes, itsuffices to note that the security of the system is dependent on theconfidentiality of the measurement frame with respect to which theidentification variable value is expressed. In the absence of thisinformation, an eavesdropper cannot accurately extract the confidentialcommunication information from the intercepted data signal—knowledge ofthe identification variable value alone is useless, since theeavesdropper cannot interpret it. In other words, knowledge of acoordinate value in itself does not convey any information withoutknowledge of the coordinate frame with respect to which it is expressed.Accordingly, to accurately extract the communication information fromthe data signal both the identification variable value and thecoordinate measurement domain with respect to which the variable valueis expressed must be known. In the absence of either one of these twopieces of information, an eavesdropper cannot extract the communicationinformation. Further details of this feature of the present inventionare set out below.

The data signal may be generated by populating the carrier signal, withboth extraneous and confidential communication information prior totransmission, as mentioned previously. The data signal may relate toeither an analogue or a digital signal, and may relate to a data packet.

In certain embodiments, the confidential communication information iscombined and concealed within extraneous information in accordance witha selected encoding algorithm. This combining step may be carried out atthe sender terminal 3, using the local processing capabilities of theterminal 3. Alternatively, the combining step may equally be carried outby an alternative processing device operatively connected to theterminal 3. The combining step may comprise, for example, encoding thebinary sequence associated with the confidential communicationinformation within the binary sequence associated with the extraneousinformation, in accordance with a selected encoding algorithm togenerate a resulting transmission binary sequence. A carrier signal maysubsequently be modulated with the resulting transmission binarysequence to form the transmission data signal, which comprises both theconfidential and the extraneous information. As mentioned previously,the transmission data signal is subsequently sent via the sharedcommunication channel, to one or more intended recipients. The one ormore identification variable values may be sent to the intendedrecipients simultaneously with the transmission signal, or separately.

To distinguish the confidential communication information from theextraneous information in the received transmission signal, the one ormore receivers must be able to interpret the received identificationvariable value. In other words, the recipients must be able to expressthe identification variable value within a known coordinate measurementdomain. Provided that the coordinate measurement domain with respect towhich the identification variable value is being expressed is unknown toan eavesdropper, or any other non-authorised malevolent third parties,then the eavesdropper and/or third parties will not be able to extractthe confidential communication information from the intercepted datasignal, even when in possession of the identification variable values.

On receipt of the transmitted data signal, the confidentialcommunication information is extracted by the intended recipient (e.g.any one of terminals 5, 7, 9, 11), using the received one or moreidentification variable values to distinguish the confidentialcommunication information from the extraneous information comprisedwithin the data signal. In embodiments where sender and receiver do notadopt the same measurement reference system, conversion of the receivedone or more identification variable values into the measurementreference system of the recipient is required. The identificationvariable values may either be converted by the sender prior totransmission, or by the receiver on receipt of the transmitted datasignal, to values expressed with respect to the recipient's adoptedcoordinate measurement domain. This is analogues to performing acoordinate transform between the two different coordinate measurementdomains adopted respectively by the sender and the receiver.

In embodiments where the transmitted identification variable values areexpressed with respect to the sender's adopted coordinate measurementdomain, the receiver must be in possession of the correct transformfunction, mapping variable values expressed with respect to the sender'sadopted coordinate measurement domain to variable values expressed withrespect to the receiver's coordinate measurement domain. In this way,the receiver is able to map the received variable values from valuesexpressed with respect to the sender's coordinate measurement domain, tovariable values expressed with respect to the receiver's coordinatemeasurement domain. This ability to convert and to re-express receivedidentification variable values in the receiver's coordinate measurementdomain, enables the receiver to distinguish between extraneous andconfidential communication information, and to extract the confidentialcommunication information from the received data signal.

Alternatively, the transmitted identification variable values may beexpressed with respect to the receiver's coordinate measurement frame.In such embodiments, the receiver is not required to perform anycoordinate transform operation on the received information variablevalues, since the variable values are already expressed with respect tothe receiver's coordinate measurement frame. Instead, the mappingfunction is carried out by the sender prior to transmission of the oneor more identification variable values. Accordingly, the sender mustpossess the coordinate mapping function, enabling the sender to convertidentification variable values expressed with respect to the sender'smeasurement coordinate frame to variable values expressed with respectto the receiver's measurement coordinate frame.

The security of the present system and method will become clearer fromthe ensuing description.

FIG. 2 is a simplified schematic diagram of a transmission system 25incorporated herein to facilitate the reader's understanding of thesystem and method of the present invention, and to highlight thesecurity of the invention. The system 25 comprises a sending terminal27—terminal A—and, a receiving terminal 29—terminal B, arranged tocommunicate via the shared communication channel 31. The integrity ofthe shared communication channel 31 has been compromised by aneavesdropper 33, who is able to intercept all communication signals sentbetween the terminals 27, 29 via the shared channel 31.

In a preferred embodiment, the identification variable may relate to atime variable, and defines the location of the confidentialcommunication information concealed within the transmission signal.Clocks A 35 and B 37 represent respectively terminal A's 27 adoptedcoordinate measurement frame, and to terminal B's 29 adopted coordinatemeasurement frame.

FIG. 3 a is an example illustrating an arbitrary transmission datasignal f(t) 39 expressed as a function of time in terminal A's 27selected coordinate measurement frame. The confidential communicationinformation 41 is defined as being comprised in the region b≦t≦a, wheret is the time-variable, and a 43 and b 45 refer to the maximum andminimum values of t.

All information falling outside the defined range of values of t relatesto extraneous information 47. It is important to note that the term“extraneous information” is used in the present description to describeinformation which does not relate to the information the sender wishesto send to the intended receiver, and is comprised within thetransmission signal solely as a means of concealing the confidentialcommunication information 41. The extraneous information 47 may relateto valid data, or could be false information specifically created by thesender (i.e. terminal A 27) to mislead the eavesdropper 33. For example,the extraneous information 47 may be noise. Alternatively, theextraneous information 47 may relate to text, video, audio, or any othertype of information. Accordingly, if an eavesdropper 33 intercepts thetransmission signal 39 and attempts to extract the information comprisedwithin the signal, it is highly likely that the eavesdropper 33 willmistakenly identify the extraneous information 47 for the confidentialcommunication information 41. As mentioned previously, both theconfidential communication information 41 and the extraneous information47 may be encoded within the carrier signal using modulation techniquesknown in the art. The transmission signal f(t) 39 along with theidentification variable values t={a,b} 43, 45 are sent via the sharedcommunications channel 31 to the recipient—terminal B 29. In theillustrated embodiment, the identification variable values t={a,b} 43,45 relate to boundary values defining a region of the data signal f(t)39, which relates to the communication information 41. It is to beappreciated that this embodiment is provided for illustrative purposesand is not limiting. Alternative ways of combining the communicationinformation 41 with the extraneous information 47 are envisaged, whichmay result in the communication information 41 being randomly dispersedwithin the resulting data signal 39, in which case the identificationvariable values may relate to discrete points and/or a plurality ofranges of values.

FIG. 3 b is an example of the transmission signal f(t′) 49 received bythe recipient—terminal B 29. Terminal B 29 receives transmission signalf(t′) 49 measured in its nominated coordinate measurement frame (thetime frame represented by clock B 37), and time-variable boundary valuest={a,b} 43, 45 expressed with respect to terminal A's coordinate frame(the time frame represented by clock A 35). Ignoring attenuation andother signal deformation effects resulting from propagation in theshared communication channel 31, it is important to note that in thepresent embodiment the received transmission signal f(t′) 49 will differfrom the sent transmission signal f(t) 39, since the terminals A 27, B29 are measuring the data signal in different coordinate measurementframes 35, 37.

Transmission signal degradation effects in both the amplitude andfrequency domain resulting from transmission in the shared communicationchannel 31, for example, signal attenuation and pulse broadening, may becorrected using known techniques and/or apparatus. For example, signalrepeaters may be used to mitigate attenuation effects. The presentinvention may be used in accordance with any known method and/or systemfor mitigating against signal deformation effects resulting fromtransmission along the shared communication channel 31.

Extraction of the confidential communication information 41 from thereceived data signal f(t′) 49, requires expressing the receivedtime-variable values a 43 and b 45, in terminal B's 29 coordinatemeasurement frame 37—i.e. the value t′={a′,b′} 51, 53 are required. Therelationship between the time-variable values as measured in terminalB's 29 coordinate frame (i.e. t′={a′,b′} 51, 53) and terminal A's 27coordinate frame (i.e. t={a,b} 43, 45) are:

a′=Ma

b′=Mb

Where M is a coordinate transform function, which maps between points interminal A's (i.e. the sender) coordinate frame 35, and terminal B'scoordinate frame 37 (i.e. receiver). a′ 51 is the projection of thecoordinate value a 43 expressed with respect to terminal B's coordinateframe 37. In other words, a′ 51 is the value of a 43 expressed withrespect to terminal B's coordinate frame 37. Similarly, b′ 53 is theprojection of coordinate value b 45 expressed with respect to terminalB's coordinate frame 37. As mentioned previously, in the presentembodiment the coordinate transform function M, is known only toterminal B 29 (the recipient).

In some embodiments the coordinate transform function M may alsocomprise a correction factor to compensate for any attenuation and/orsignal degradation in the amplitude, and/or frequency domain, arisingduring transmission in the shared communication channel 31.

In some embodiments, the sender (i.e. terminal A 27) may send severalidentical copies of the data signal f(t) 39 to the receiver (i.e.terminal B 29). The copies may be sent in temporal succession, or atrandom discrete temporal intervals. Once the copies of the transmissionsignal have been received, the receiver can faithfully reconstruct thetransmission signal. In this way any transmission errors resulting fromnon-faithful signal transmission, can be mitigated.

The identification variable may relate to any physically measurablevariable and/or observable associated with the data signal, and need notnecessarily relate to a time variable. For example, the data signal mayequally be expressed in the frequency domain, in which case theidentification variable value may relate to a frequency value.Alternative embodiments are envisaged where any physically measurablevariable and/or observable associated with the data signal may be usedas the identification variable. Since such measurable variables and/orobservables will be known to the reader skilled in the art of signalprocessing, a detailed list of all possible variables and/or observablesis superfluous.

In an alternative embodiment the confidential communication informationmay be encoded within a digital image file which is subsequently sent tothe intended receiver. The identification variable may relate to pixellocation information. For example, the confidential communicationinformation may be encoded in every tenth pixel value. The senderprovides the receiver with the identification variable values, which inthis specific embodiment relate to pixel location values expressed inthe sender's selected measurement frame, or alternatively to analgorithm enabling the location of each required pixel to be determined.For example, the algorithm may effectively relate to a series (e.g.

${{f(x)} = {\sum\limits_{x = a}^{b}{10x}}},$

where a and b delimit the range of pixels in which the communicationinformation is concealed), wherein each tenth pixel represents acomponent of the communication information. On receipt, the receiverconverts the received pixel location values to coordinate locationvalues expressed in the receiver's selected coordinate measurementdomain, as previously described.

FIG. 4 is a high level process flow chart, illustrating the differentsteps comprised in the afore described method, and highlights howinformation may be securely transmitted between remotely locatedterminals sharing a communication channel, as illustrated in FIG. 2. Instep 55 the sending terminal (i.e. terminal A 27) and the receivingterminal (i.e. terminal B 29) select their coordinate measurementdomains. All the embodiments described so far comprised the sender andreceiver selecting different measurement frames. However, embodimentswherein both sender and receiver select the same measurement frame areequally possible and are described in further detail in the alternativeembodiment section below. It is to be noted that it is not a generalrequirement that sender and receiver adopt different coordinatemeasurement domains, provided that the adopted measurement domain isunknown to an eavesdropper 33 and/or any other malevolent third parties.Preferably, the measurement frames are selected and defined at the pointof manufacture of terminals A 27 and B 29 in order to avoid transmittingsensitive information over a potentially compromised communicationchannel, which if intercepted could compromise the integrity of thetransmission system.

Returning to FIG. 4, in step 57 the receiving terminal—terminal B 29—isprovided with the coordinate transform function M, which maps points interminal A's 27 selected coordinate measurement frame to points interminal B's 29 selected coordinate measurement frame. For example, thismay comprise terminal B 29 being provided with information regardingterminal A's 27 selected coordinate measurement frame, such that thecoordinate transform function M can be determined. The transformfunction M may alternatively be simply provided to terminal B 29 duringconfiguration at the point of manufacture. Alternatively, terminal A 27may be provided with the transform function M to enable terminal A 27 totransmit the identification variable values expressed with respect toterminal B's 29 adopted coordinate measurement domain. This initialconfiguration is preferably carried out at the point of manufacture.Alternatively, the coordinate transform function M may be provided toeither terminal A 27 or terminal B 29 by transmission via a known securechannel. In other words, the coordinate transform function M may betransmitted to either terminal A 27 or terminal B 29 from a securesource via a secure channel that is known not to be compromised.

Following this initial configuration, terminals A 27 and B 29 may beused for secure data transmission. In step 59 terminal A encodes theconfidential communication information in a transmission signalcomprising extraneous information, as previously described. Thisencoding may be carried out in accordance with a selected encodingalgorithm, a selected steganographic algorithm, and/or any selected dataembedding security schemes. For example, such an algorithm may result inconfidential communication information being interspersed at irregularintervals within the data signal. Equally, the confidential data may bedispersed at regular intervals within the data signal. The precisenature of the employed encoding algorithm is not critical to the presentembodiment, and such algorithms and/or schemes are widely known in theart, and accordingly are not discussed further. The interested reader isreferred to any textbook regarding steganographic encoding algorithms,and/or data embedding security schemes for further details.

In step 61 terminal A 27 sends the data signal to terminal B 29 alongwith one or more identification variable values. Alternatively, the oneor more identification variable values are transmitted separately fromthe transmission signal. However, recovery of the confidentialcommunication information may only occur once terminal B 29 has receivedthe time-variable values. The data signal and the one or moreidentification variable values may be transmitted in any order, or theymay be transmitted simultaneously.

In step 63 terminal B 29 receives the data signal along with the one ormore identification variable values expressed in the coordinatemeasurement domain adopted by terminal A 27. To recover the confidentialcommunication information from the received data signal, at step 65 theone or more received identification variable values are transformed,using the coordinate transform M, to calculate the identificationvariable values expressed with respect to terminal B's 29 adoptedcoordinate measurement domain. The converted identification variablevalues are subsequently used to identify and recover the confidentialcommunication information comprised within the received data signal atstep 67.

At this stage the receiver has recovered the confidential communicationinformation concealed in the data signal, and the process is completedat step 69.

Alternative Embodiments

Now that the basic system and method of the present invention have beendescribed, alternative embodiments are set out below.

As mentioned previously, in alternative embodiments both sender andreceiver may share the same coordinate measurement domain. Thedistinguishing feature between such embodiments and the above describedembodiments, is that the coordinate transform function is no longerrequired to map identification variable values expressed with respect tothe sending terminal's coordinate measurement domain, to valuesexpressed with respect to the receiving terminal's coordinatemeasurement domain. The identification variable values are transmittedto the receiving terminal expressed with respect to the sharedcoordinate measurement domain. The security and confidentiality of thetransmitted data signal is maintained provided that the sharedcoordinate measurement domain remains confidential. In this way, aneavesdropper cannot effectively use the intercepted identificationvariable values to extract the communication information from theintercepted data signal. An eavesdropper requires knowledge of theshared coordinate measurement domain to effectively use the interceptedidentification variable values for the purposes of extracting thecommunication information.

The present system and method may be used to securely transmitinformation to a plurality of receiving terminals 5, 7, 9, 11 asillustrated in FIG. 1. Each receiving terminal 5, 7, 9, 11 adopts adifferent confidential coordinate measurement domain, which is unknownto the other terminals. Selected information may be transmitted to theplurality of receiving terminals 5, 7, 9, 11 using a single transmissionsignal. A plurality of confidential communication information is encodedwithin the data signal. The plurality of confidential communicationinformation is comprised of individual confidential communicationinformation components each associated with a different intendedreceiving terminal 5, 7, 9, 11.

The sending terminal 3 is provided with a plurality of coordinatetransform functions, each function associated with a different receiverterminal 5, 7, 9, 11. The sending terminal 3 determines theidentification variable values associated with each differentconfidential communication information component and uses the knowncoordinate transform functions to express the identification variablevalues in the coordinate measurement domain adopted by the intendedreceiving terminal. The sending terminal 3 is now in possession of theidentification variable values associated with each differentconfidential communication information component and expressed in thecoordinate measurement domain of the intended receiving terminal. Anoptional identifier may be appended to each one of the plurality ofidentification variable values. The identifier, which may relate to abinary string appended to the identifier variable values, enables thereceiver terminals 5, 7, 9, 11 identify which one of the plurality ofidentifier variable values is applicable to them. In other words, theidentifier tells the receiver terminal which one of the plurality ofidentifier variable values is expressed in its adopted coordinatemeasurement domain.

The identifier does not compromise the security of the system, since itdoes not reveal information regarding the coordinate measurement domainadopted by the intended receiver to a malevolent third party.

The data signal and the plurality of identification variable values aresent to each receiving terminal 5, 7, 9, 11 along with the associatedidentifiers. Upon receipt of the data signal, the identificationvariable values and the associated identifiers, a receiving terminal 5,7, 9, 11 will first identify the identification variable valuesassociated with its selected coordinate measurement domain. Once it hasidentified the variable values associated with its selected coordinatemeasurement domain, the confidential communication information intendedfor the subject receiving terminal may be extracted from the receiveddata signal.

It is to be appreciated that a receiving terminal 5, 7, 9, 11 may onlyextract confidential communication information from the data signal thatwas intended for it. For example, receiving terminal 5 cannot extractconfidential communication information intended for terminal 7, sinceterminal 5 does not know the coordinate measurement domain adopted byterminal 7. Therefore, even though terminal 5 may be able to identifythe identification variable values associated with the confidentialcommunication information intended for terminal 7, to correctly extractthe confidential communication information intended for terminal 7, thevariable values and the coordinate measurement domain with respect towhich they are expressed (i.e. the measurement system adopted byterminal 7), must be known. In other words, terminal 5 cannot correctlyapply the identification variable values to extract the confidentialcommunication information intended for terminal 7, without knowledge ofthe coordinate measurement domain with respect to which theidentification variable values have been expressed. Accordingly, themethod and system of the present invention lends itself for use insecurely transmitting a plurality of different communication informationconcealed in a single data signal, to different intended recipients,without compromising the confidentiality of the different communicationinformation.

In a further alternative embodiment of the present invention, theLorentz transforms of special relativity may be used, which are definedas follows:

$t^{\prime} = {\gamma \left( {t - \frac{vx}{c^{2}}} \right)}$x^(′) = γ(x − vt) y^(′) = y z^(′) = z$\gamma = \frac{1}{\left( {1 - \left( \frac{v}{c} \right)^{2}} \right)^{\frac{1}{2}}}$

The above transforms have their conventional meaning, and the interestedreader is referred to any University Physics textbook with a chapter onRelativistic Mechanics, for a more thorough definition of the abovetransform equations. For present purposes, it suffices to note that theLorentz transforms describe the spatial and temporal coordinatetransforms between two inertial (constant velocity) frames of reference,moving at constant velocity with respect to one another.

An example of how the Lorentz transforms may be used is set out in thefollowing alternative embodiment. Terminals A 27 and B 29 both selectfictional coordinate measurement frames, one of which moving at close tothe speed of light such that relativistic effects, such as timedilation, become noticeable. This is an important requirement since thepremise of this embodiment is that both terminal A 27 and terminal B 29will observe different time-coordinate values, which is only possiblewhen relativistic effects become significant and result in a deviationfrom classical Newtonian Mechanics. For example, terminal A 29 mayselect to express its time-coordinate variable values t with respect toan inertial frame of reference moving at 0.992c, where c is the speed oflight (approximately 3×10⁶ ms⁻¹). To determine the identificationvariable value as measured in its own coordinate measurement frame,terminal B 29 applies the appropriate Lorentz transform—in this case thetransform for t′ however, any other Lorentz transform could equally beused.

Once the time-coordinate variable value has been calculated in the frameof reference adopted by terminal B 29, the confidential communicationinformation is recovered as described previously. The skilled addresseewill note that use of the Lorentz transforms requires that terminal B 29is provided with both the identification variable value signal timecoordinates associated with the confidential communication information,as measured by terminal A 27, and the fictional velocity of terminal A's27 selected frame of reference. The velocity of terminal A's 27 selectedframe of reference is preferably provided to terminal B 29 at the sourceof manufacture, prior to data transmission or is provided via a knownsecure communication channel. Knowledge of the velocity of terminal A's27 fictional relativistic coordinate measurement frame by aneavesdropper may compromise the integrity and security of thetransmission signal if the eavesdropper is aware that relativisticcoordinate measurement frames are being used, since effectively thefictional velocity defines the relativistic measurement frame. Withknowledge of the relativistic measurement frame, an eavesdropper is ableto recover the confidential communication information concealed withinthe intercepted data signal.

In a further alternative embodiment of the present invention, terminal A27 is provided with a clock measuring time at irregular intervals, or inaccordance with a selected algorithm. The irregular clock is used todefine the time-variable coordinate values associated with theconfidential communication information, comprised within the transmitteddata signal. Again, terminal B 29 is provided with a coordinatetransform function enabling the received identification variabletime-values to be expressed in terms of the temporal coordinate frameadopted by terminal B 29—or in other words, terminal B is provided withthe transform function required to express the received time-coordinatevalues with respect to the time-coordinates associated with its ownclock.

Alternatively, both sender and receiver may use clocks having differentbase time-interval units. Provided the receiver is in possession of theappropriate coordinate transform function, time-intervals measured inthe sender's temporal coordinate frame (i.e. the adopted coordinatemeasurement domain), may be re-expressed in the receiver's temporalcoordinate frame. For example, the coordinate transform function maysimply comprise a coordinate shift.

In a further alternative embodiment, a third secure terminal may beincorporated into the transmission system, and is used as a proxyterminal to distribute the identification variables expressed in thereceiver's coordinate measurement domain. FIG. 5 is a schematic diagramillustrating an example of such a system 71. Terminal A 27 (sender) andterminal B 29 (receiver) are operatively connected via a sharedcommunication channel 31 as previously described in relation to FIG. 2.Terminal C 73 (the proxy terminal) is operatively connected to bothterminals A 27 and B 29 via, respectively shared communication channel75 and shared communication channel 77. The difference between thepresent embodiment and previously described embodiments is that neitherterminal A 27 or terminal B 29 is provided with the coordinate transformfunction M required to express the identification variable values in thereceiving terminal's measurement frame. Instead, terminal C is providedwith this information. In other words, terminal C is provided with thecoordinate transform function M required to convert identificationvariable values expressed with respect to terminal A's 27 coordinatemeasurement domain into variable values expressed with respect toterminal B's 29 coordinate measurement domain. Alternatively, terminal C73 may be provided with the coordinate measurement domain of terminal A27 and terminal B 29. In this way, terminal C 73 can calculate thecoordinate transform function M when it is required.

Furthermore, terminal C 73 shares a different pair of unique encryptionkeys with each attached terminal. For example, terminal C 73 shares anencryption key pair with terminal B 29, which is different to theencryption key pair shared with terminal A 27. The encryption key pairsmay relate to a public-key encryption pair, wherein one key is publiclyavailable and is used to encrypt information, whereas the private keyused to decrypt encrypted information is known only to terminal C 73. Itis immaterial for present purposes which type of cryptographic keys areshared between the terminals, suffice to say that the encryption keysmust be sufficiently complex to ensure that a malicious third partyand/or eavesdropper is not able to derive the decryption key fromknowledge of the encryption key. One way of achieving this, and as willbe known to the skilled reader, the encryption function is selected suchthat its inverse is not well defined. This ensures that an eavesdroppercannot derive the decryption key from knowledge of the encryption key.Public-key cryptography is one example of a widely known cryptographicprotocol which satisfies this requirement however, other types ofcryptographic protocols exist which also satisfy this requirement andmay equally be used with the present invention.

Preferably, terminal C is configured with knowledge of the coordinatemeasurement domains of terminals A 27 and B 29 at the point ofmanufacture. Similarly, the encryption keys are also preferablydistributed at the point of manufacture and prior to data transmission.In the ensuring description the cryptographic key pairs shared betweenterminal C 73 and terminal A 27 are denoted e_(A), and similarly thecryptographic key pairs shared between terminal C 73 and terminal B 29are denoted e_(B). The encryption key is further denoted by a 1subscript, for example e_(A1) denotes the encryption key member of thekey pair shared between terminal C 73 and terminal A 27. Similarly,e_(A2) denotes the decryption key member of the key pair shared betweenterminal C 73 and terminal A 27.

An example of the present embodiment is now described with reference tothe flow chart illustrated in FIG. 6. Terminals A 27, B 29 and C 73 areremotely located with respect to each other. Terminal C 73 is located ina secure and trusted location. Accordingly, for present purposes it isassumed that the integrity and confidentiality of the information storedat terminal C 73 is secure. In step 79, terminal A prepares a datasignal, as previously described and defines the identification variablevalues t={a,b} required to extract the confidential communicationinformation concealed in the data signal f(t). Terminal A 27subsequently encrypts the defined identification variable values t={a,b}using the encryption key e_(A1) in step 81.

The encrypted identification variable values, denoted e_(A1)[t={a,b}],are sent to terminal C 73 in step 83. Optionally, the data signal f(t)may simultaneously be sent to terminal B 29. However, terminal B 29 willonly be able to recover the concealed confidential communicationinformation once it has received the identification variable valuest′={a′,b′}, expressed with respect to its adopted coordinate measurementdomain from terminal C 73. Accordingly, it is equally possible totransmit the data signal f(t) after step 91, once terminal B 29 hasreceived the identification variable values from terminal C 73.

Terminal C 73 receives the encrypted identification variable valuese_(A1)[t={a,b}] in step 85. Terminal C 73 decrypts the received variablevalues using its decryption key e_(A2), to recover the identificationvariable values t={a,b}. The recovered identification variable valuest={a,b} are subsequently converted by terminal C 73 to identificationvariable values t′={a′,b′} in terminal B's 29 coordinate measurementdomain, using the coordinate transform function M in step 87.

In step 89 terminal C 73 encrypts the identification variable valuest′={a′,b′} using the encryption key member e_(B1) of the cryptographickey pair shared with terminal B 29. The encrypted identificationvariable values e_(B1)[t′={a′,b′}] are subsequently sent to terminal B29.

Terminal B 29 received the encrypted identification variable valuese_(B1)[t′={a′,b′]} from terminal C 73 in step 91, and decrypts thereceived encrypted identification variable values e_(B1)[t′={a′,b′}]using the decryption key member e_(B2) to recover the identificationvariable values t′={a′,b′}.

The decrypted identification variable values t′={a′,b′} expressed withrespect to terminal B's 29 selected measurement frame, are used byterminal B 29 to extract the confidential communication informationconcealed in the received data signal, which ends the process in step95.

It is to be appreciated that the system and method of the abovedescribed embodiment is secure against eavesdroppers, since withoutknowledge of the decryption key e_(B2) and the coordinate measurementdomain of terminal B 29, the eavesdropper cannot accurately extract theconfidential communication information from the data signal.

In all described embodiments, security of transmission is maintainedsince an eavesdropper does not possess sufficient information to allowan intercepted identification variable value to be re-expressed in termsof its own coordinate measurement domain. Accordingly, an eavesdroppercan not identify and recover the confidential communication informationwithin an intercepted data signal with any degree of certainty.

The herein described system and methods may be used in conjunction withany existing cryptographic protocol for an added layer of security.Similarly, the identification variable values and/or the data signal maybe encrypted prior to transmission. For example, the confidentialcommunication information may be encrypted and embedded in encryptedform in the data signal. Similarly, the identification variable valuesmay be encrypted, and transferred to the receiving terminal in encryptedform. In this way, an eavesdropper must obtain the decryption key, inaddition to knowing the receiver's coordinate measurement domain to beable to extract the confidential communication information from the datasignal.

It is to be appreciated that the present method may be used with anytype of data and any type of digital file format. Includingvoice-over-IP (VoIP), audio data files (e.g. mp3, mp4, WAV, flac etc.),video data files (e.g. avi, mpeg etc.), image data files (e.g. jpeg, RAWetc.), and any other data file formats.

It is to be appreciated that the term terminal, as used in the presentdescription relates to any electronic device capable of receiving andtransmitting data signals. For example, this includes but is not limitedto a PC, a mobile telephone, a smart telephone, a telephone, a modem, aPortable Data Assistant (PDA) etc.

Although the herein described embodiments relate to one-waycommunications—namely, information is sent in one direction, from asender (i.e. terminal A 27) to a receiver (i.e. terminal B 29), theherein described methods may equally be used for two-way communication,in which case each terminal is both a receiver and a sender ofconfidential communication information—e.g. terminal B 29 transmitsinformation to terminal A 27.

The herein described embodiments are provided for illustrative purposesonly and are not limiting. Furthermore, alternative embodiments relatedto any combination of the herein described embodiments are envisaged andfall within the scope of the present invention.

The present invention may be used in conjunction or independently fromknown cryptographic methods.

Further features of the present invention are set out in the followingclauses:

A data terminal for securely transmitting communication information to aremotely located second terminal, the data terminal comprising:combining means, for combining the communication information withextraneous information to create a data signal; determining means, fordetermining a value of an identification variable expressed with respectto a first coordinate measurement domain, the identification variablevalue enabling the location of the communication information concealedwithin the data signal to be determined; and a transmitter fortransmitting the data signal and the identification variable value tothe second terminal.

The terminal may comprise: a mapping means, for using a coordinatetransform function configured to map coordinate values from the firstcoordinate measurement domain to a second coordinate measurement domainto calculate a value of the identification variable expressed withrespect to the second coordinate measurement domain.

Alternatively, the data terminal may be arranged to operate in the firstcoordinate measurement domain.

The data terminal of may comprise: encryption means, for encrypting theidentification variable value using a cryptographic key shared with areceiving terminal to thereby improve the confidentiality of thetransmitted identification variable value.

The encryption means may be configured to encrypt the data signal tothereby improve the confidentiality of the transmitted data signal.

The encryption means may be configured with one of the keys comprised ina public cryptographic key pair.

The combining means may comprise an algorithm generator, configured togenerate an algorithm for combining the communication information withthe extraneous information.

The algorithm generator may be configured to generate a random algorithmsuch that the communication information and the extraneous informationis combined randomly.

The combining means may comprise a signal modulator configured tomodulate a carrier signal with the combined communication informationand extraneous information to create the data signal.

The combining means may comprise a signal generator arranged to generatethe carrier signal.

A data terminal for securely receiving communication information(referred to as a receiving terminal) from a remotely locatedtransmitting terminal, the data terminal comprising: a receiver, forreceiving a data signal comprising the communication informationcombined with extraneous information, and for receiving a value of anidentification variable enabling the location of the communicationinformation within the data signal to be determined; and a demodulator,for extracting the combined communication and extraneous informationfrom the received data signal.

The receiving terminal may comprise: data storage means; and wherein thedemodulator is a computer executable code stored in the data storagemeans.

The receiving data terminal may comprise: information distinguishingmeans, for distinguishing the communication information from theextraneous information using the identification variable value.

The receiving data terminal may comprise: information extraction means,for extracting the communication information from the extraneousinformation using the identification variable value.

The receiving data terminal may comprise: a mapping means, for using acoordinate transform function configured to map coordinate values from afirst coordinate measurement domain to a second coordinate measurementdomain to calculate a value of the identification variable expressedwith respect to the second coordinate measurement domain.

The receiving data terminal may be arranged to operate in the secondcoordinate measurement domain.

The receiving data terminal may comprise: decryption means, fordecrypting an encrypted identification variable value using acryptographic key shared with the transmitting terminal.

The decryption means may be configured to decrypt an encrypted datasignal received from the transmitting terminal.

The decryption means may be configured with one of the keys comprised ina public cryptographic key pair.

The receiving data terminal may be a computer terminal.

The receiving data terminal may be a mobile telephone.

The receiving data terminal may be a smartphone.

1-32. (canceled)
 33. A computer-implemented method of securelytransmitting communication information from a first terminal operatingin a first coordinate measurement domain to a second remotely locatedreceiving terminal operating in a second coordinate measurement domain,the method comprising: combining, with a processor of the firstterminal, the communication information with extraneous information tocreate a data signal; determining, with the processor of the firstterminal, a value of an identification variable expressed with respectto the first coordinate measurement domain, the identification variablevalue enabling the location of the communication information concealedwithin the data signal to be determined; transmitting the data signaland the identification variable value from the first terminal to thesecond terminal; using a coordinate transform function configured to mapcoordinate values from the first coordinate measurement domain to thesecond coordinate measurement domain to calculate a value of thereceived identification variable expressed with respect to the secondcoordinate measurement domain; and extracting the information from thereceived data signal using the calculated identification variable valueto distinguish the communication information from the extraneousinformation.
 34. The method of claim 33, wherein the first terminal isprovided with the coordinate transform function and uses the coordinatetransform function prior to transmitting the data signal.
 35. The methodof claim 34, wherein: the communication information is transmitted tothe second receiving terminal operating in the second coordinatemeasurement domain and to a third receiving terminal operating in athird coordinate measurement domain; the second coordinate measurementdomain is associated with the first coordinate measurement domain by afirst coordinate transform function; the third coordinate measurementdomain is associated with the first coordinate measurement domain by asecond coordinate transform function; the first coordinate transformfunction is used to calculate a value of the identification variableexpressed with respect to the second coordinate measurement domain; andthe second coordinate transform function is used to calculate a value ofthe identification variable expressed and with respect to the thirdcoordinate measurement domain
 36. The method of claim 35, wherein theidentification variable comprises a receiving terminal identifier, theidentifier being indicative of the receiving terminal coordinatemeasurement domain the identification variable value is expressed withrespect to.
 37. The method of claim 36, wherein, at each of the secondand third receiving terminals, extracting the communication informationcomprises: identifying the identification variable value expressed withrespect to the receiving terminals' coordinate measurement domain usingthe terminal identifier, and using the identification variable value toextract the communication information from the received data signal. 38.The method of claim 37, wherein the data signal comprises first andsecond communication information, and extracting the communicationinformation from the received data signal comprises: extracting thefirst communication information at the second receiving terminal using afirst identification variable value calculated using the firstcoordinate transform function, the first identification variable valuehaving been identified on the basis of a first terminal identifierassociated with the second receiving terminal; and extracting the secondcommunication information at the third receiving terminal using a secondidentification variable value calculated using the second coordinatetransform function, the second identification variable value having beenidentified on the basis of a second identifier associated with the thirdreceiving terminal.
 39. The method of claim 33, wherein transmitting thedata signal comprises transmitting the identification variable valuefrom the first terminal to the second remotely located receivingterminal via a third terminal.
 40. The method of claim 39, wherein thethird terminal is provided with the coordinate transform function, andthe method further comprises: encrypting, at the first terminal, theidentification variable value using a first cryptographic key sharedwith the third terminal, and transmitting the encrypted identificationvariable to the third terminal; decrypting, at the third terminal, thereceived encrypted identification variable prior to using the coordinatetransform function; and encrypting the identification variable valueexpressed with respect to the second coordinate measurement domain,using a second cryptographic key shared with the second remotely locatedreceiving terminal, and transmitting the encrypted identificationvariable to the second receiving terminal for extracting the informationfrom the received data signal.
 41. The method of claim 40, whereinextracting the information from the received data signal comprisesdecrypting, at the second receiving terminal, the received encryptedidentification variable value using the second cryptographic key, andusing the decrypted identification variable value to distinguish thecommunication information from the extraneous information.
 42. Themethod of claim 40, wherein the data signal and the identificationvariable value are transmitted separately.
 43. The method of claim 40,wherein the data signal and the identification variable value aretransmitted simultaneously.
 44. The method of claim 43, wherein the datasignal is transmitted from the first terminal directly to the secondreceiving terminal.
 45. The method of claim 40, wherein the first andsecond cryptographic keys are different public key pairs.
 46. The methodof claim 33, wherein the coordinate measurement domains associated withthe different terminals, relate respectively to different Lorentziancoordinate frames of reference.
 47. The method of claim 33, wherein theidentification variable is a time variable.
 48. The method of claim 33,wherein combining the communication information with extraneousinformation comprises combining the communication information with theextraneous information in accordance with an algorithm.
 49. The methodof claim 48, wherein the algorithm is randomly generated.
 50. The methodof claim 48, wherein the identification variable value comprises thealgorithm.
 51. A computer-implemented method of securely transmittingcommunication information from a first terminal to a second remotelylocated receiving terminal, both terminals operating in a sharedcoordinate measurement domain, the method comprising: combining, with aprocessor of the first terminal, the communication information withextraneous information to create a data signal; determining, with theprocessor of the first terminal, a value of an identification variableexpressed with respect to the shared coordinate measurement domain, theidentification variable value enabling the location of the communicationinformation concealed within the data signal to be determined;transmitting the data signal and the identification variable value fromthe first terminal to the second receiving terminal; and extracting theinformation from the received data signal using the identificationvariable value to distinguish the communication information from theextraneous information.
 52. A system for securely transmittingcommunication information from a first terminal operating in a firstcoordinate measurement domain to a second remotely-located receivingterminal operating in a second coordinate measurement domain, the systemcomprising: a combining apparatus, provided at the first terminal, forcombining the communication information with extraneous information tocreate a data signal; a determining apparatus provided at the firstterminal, for determining a value of an identification variableexpressed with respect to the first coordinate measurement domain, theidentification variable value enabling the location of the communicationinformation concealed within the data signal to be determined; atransmitter for transmitting the data signal and the identificationvariable value from the first terminal to the second receiving terminal;a mapping apparatus provided at the second terminal, for using acoordinate transform function configured to map coordinate values fromthe first coordinate measurement domain to the second coordinatemeasurement domain to calculate a value of the received identificationvariable expressed with respect to the second coordinate measurementdomain; and an extracting apparatus, provided at the second terminal,for extracting the information from the received data signal using thecalculated identification variable value to distinguish thecommunication information from the extraneous information.
 53. Thesystem of claim 52, wherein the first terminal is provided with themapping apparatus and is arranged to calculate a value of theidentification variable expressed with respect to the second coordinatemeasurement domain.
 54. The system of claim 53, comprising a thirdreceiving terminal operating in a third coordinate measurement domain,and the mapping apparatus is arranged to calculate a value of theidentification variable expressed with respect to the third coordinatemeasurement domain.
 55. The system of claim 54, wherein each one of thesecond and third receiving terminals comprise an identificationapparatus for identifying the identification variable value expressedwith respect to its own coordinate measurement domain on the basis of aterminal identifier associated with the identification variable value,the terminal identifier being indicative of the terminal coordinatemeasurement domain the identification variable value is expressed withrespect to.
 56. The system of claim 55, wherein each receiving terminalcomprises an extracting apparatus for using the identification variablevalue to extract the information from the received data signal using theidentification variable value to distinguish the communicationinformation from the extraneous information.
 57. The system of claim 52,wherein the transmitter is arranged to transmit the identificationvariable value from the first terminal to the second receiving terminalvia a third terminal.
 58. The system of claim 57, wherein the thirdterminal is provided with the mapping apparatus, and the system furthercomprising: a first encrypting apparatus, provided at the firstterminal, for encrypting the identification variable value using a firstcryptographic key shared by the first terminal and the third terminal; adecrypting apparatus, provided at the third terminal, for decrypting thereceived encrypted identification variable using the shared firstcryptographic key; a second encrypting apparatus, provided at the thirdterminal for encrypting the identification variable value expressed withrespect to the second coordinate measurement domain, using a secondcryptographic key shared with the second receiving terminal; and asecond transmitting apparatus, provided at the third terminal, fortransmitting the encrypted identification variable to the secondreceiving terminal.
 59. The system of claim 58, wherein the secondreceiving terminal is provided with third decrypting apparatus, fordecrypting the received encrypted identification variable value usingthe second cryptographic key.
 60. A data terminal for securelytransmitting communication information to a remotely located secondreceiving terminal, the data terminal comprising: a combining apparatus,for combining the communication information with extraneous informationto create a data signal; a determining apparatus, for determining avalue of an identification variable expressed with respect to a firstcoordinate measurement domain, the identification variable valueenabling the location of the communication information concealed withinthe data signal to be determined; and a transmitter for transmitting thedata signal and the identification variable value to the secondterminal.
 61. The data terminal of claim 60, wherein the data terminalis a computer terminal.
 62. The data terminal of claim 60, wherein thedata terminal is a mobile telephone.
 63. The data terminal of claim 60,wherein the data terminal is a smartphone.
 64. A data terminal forsecurely receiving communication information from a remotely locatedtransmitting terminal, the data terminal comprising: a receiver, forreceiving a data signal comprising the communication informationcombined with extraneous information, and for receiving a value of anidentification variable enabling the location of the communicationinformation within the data signal to be determined; and a demodulator,for extracting the combined communication and extraneous informationfrom the received data signal.
 65. The data terminal of claim 64,wherein the data terminal is a computer terminal.
 66. The data terminalof claim 64, wherein the data terminal is a mobile telephone.
 67. Thedata terminal of claim 64, wherein the data terminal is a smartphone.